Sophos Email

Technical Specifications

Take a look under the hood and get the details on Sophos Email’s award-winning features, including a range of “how it works” videos, giving you all the information you need.

Request QuoteFree Trial

Setup and Management

Sophos Email works right out of the box, with default settings to give you instant protection for your business and mailboxes.

Microsoft and Google compatible
Sophos Email works seamlessly with the following leading email service provider platforms to offer advanced email security:

  • Microsoft Exchange Online and Microsoft Office 365
  • Microsoft Exchange 2003 or later
  • G Suite from Google Cloud

Support is not limited to these platforms. A simple MX configuration is all that’s required to make Sophos Email compatible with any service where you own the domain and control the associate DNS records.

Sophos Central cloud management and reporting
Sophos Email protects and manages your email in the cloud through Sophos Central, providing access to the entire range of Sophos Central products through one interface, including web, endpoint, mobile, and server.

Active Directory Sync and Azure Active Directory Sync
Microsoft Active Directory Sync (AD Sync) and Azure AD Sync gives organizations a simple way to move on-premises Active Directory or Exchange environments to the cloud, with a quick route to on-board users to AD and Microsoft Office 365.

  • Keep users automatically synced with Sophos Email using AD Sync
  • Full support of automatic updating for AD data where businesses have completely moved to the cloud

Multi-policy support
Create unique email security policies for individuals, groups, or the whole domain in minutes, saving you valuable time.

Dashboard and Reporting
Our mobile-optimized portal allows email administrators to view dashboard summary information at a glance or drill down into detailed reports covering emails scanned, as well as viruses and spam detected.

Data center locations
Meet data compliance regulations, or simply improve end user experience, with a choice of global data centers for message processing:

  • Ireland
  • United States
  • Germany
Read More

Email Security Features

Keep your users and business safe with instant protection from advanced threats. Our default settings get to work immediately, intercepting email containing suspicious content, attachments, and URLs.

Live threat updates stop the latest attacks
Anti-malware engines that update hourly like Office 365 offer poor detection rates. Live updates by SophosLabs power Sophos Email filtering, ensuring you’re protected from the thousands of new threats sent every hour.

Inbound and outbound message handling
Sophos Email’s inbound and outbound filtering uses advanced detection methods across multiple languages:

  • Reputation filtering for the majority of unwanted email prior to inspection
  • Our anti-spam engine catches the rest, including the latest phishing attacks and malicious attachments – quarantining where required
  • Methods such as ‘Sender Genotype,’ our next-generation reputation filtering technology, eliminate botnet spam at the IP connection level through monitoring
  • Sophos Delay Queue provides protection against snowshoe spam, a preferred method of sending spam campaigns – Watch How it Works

Email Content Control Policies
Sophos Email Content Control policies make it easy to analyze email content and attachments for all inbound and outbound messages.

  • Create multiple policies for groups and individual users
  • Filter inbound and outbound messages for keywords and file types
  • Identify specific keywords in email subject lines, message content, and file names
  • Quarantine, delete, or strip attachments from email messages to prevent data leaks and malware threats

Block phishing imposters
Using a combination of authentication techniques, Sophos Email allows you to identify and allow legitimate emails from trusted partners and block imposters.

  • Sender Policy Framework (SPF) to identify IP addresses authorized to send email from the domain – Watch How it Works
  • Domain Keys Identified Mail (DKIM) provides cryptographic proof that a message was sent from a specific sender and hasn’t been tampered with
  • Domain Message Authentication Reporting & Conformance (DMARC) determines what to do when messages fail SPF or DKIM checks from the sender
  • Header anomaly detection to identify if the sender's display name is the same as one of your internal user names

Compromised mailbox detection
Link Sophos Email and Phish Threat to identify risky user behavior and launch targeted security awareness training. Watch how it works

Identify and train at-risk users
Link Sophos Email and Sophos Endpoint to automatically detect and clean up infected computers sending outbound spam and viruses. Watch how it works

Email quarantine
Sophos Email’s easy to use preset controls have your message quarantine policies set up and your business protected in seconds, with quarantined messages available for the past 30 days.

Once set up, don’t tie up your IT team with quarantine release requests. The end user portal lets users release mails on-demand, and in-message quarantine digests provide a daily summary of quarantined mail with the option to release direct from the inbox.

Self-service portal for end users
Reduce the burden on your IT teams. Sophos Email provides your end users with access to the following tools:

  • Manage quarantined emails (accept/delete emails)
  • The emergency inbox allows teams to view messages in the event of an outage

Email Encryption
Encrypt sensitive emails and attachments, with secure push-based email encryption.

  • Encrypt the entire email or attachments only
  • use the O365 add-in button, or add your organizations custom subject line tag to encrypt the message i.e. “Secure: ***”
  • Reply and send attachments securely with Sophos Secure Messaging Portal
  • Flexible policy control allows organizations to encrypt all outbound messages sent to a set list of recipient addresses and domains
Read More

Active Threat Protection (ATP)

Sophos active threat protection (ATP) includes cloud sandboxing and time-of-click URL protection – driving advanced threat prevention to unmatched levels.

Sophos Sandstorm cloud sandbox
The best defense you can get against the latest threats lurking in phishing attacks and spam messages. Sophos Sandstorm is backed by the SophosLabs global network to provide detonation and detection of suspicious files containing active code, such as camouflaged executable files, PDFs, and MS Office documents, as well as high-level threats embedded in documents, including ransomware.

Lightning performance
Sophos Email anti-spam and antivirus security accurately pre-filters traffic so only suspicious files are submitted to Sandstorm, ensuring minimal latency and end user impact.

Dedicated virtualized cloud environment
Because it runs in a dedicated virtualized cloud environment, your network is completely free of any burden. This enables far more rigorous and resource intensive analysis that’s just not practical any other way.

Smarter protection from advanced threats
Sandstorm's deep threat prevention goes beyond traditional malware detection solutions with deep learning neural network analysis of executables, extremely aggressive and frequent memory analysis, extensive behavioral analysis scrutiny of all activity and API calls, and more thorough network activity analysis across all protocols.

Sophos Sandstorm data center locations
Ensure compliance with a choice of location for email scanning and sandbox analysis:

  • Ireland
  • United States
  • Japan

Time-of-click URL re-writing
Securing employees from malicious website links, our advanced URL re-writing protects against delayed weaponization of links within messages. Attackers will often send phishing campaigns with safe links only to upload malicious content after they pass traditional email gateway filter checks.

Time-of-click advanced URL protection scans all messages before delivery, re-writing URLs within inbound messages to allow us to re-scan the website's reputation at the time you click the link, blocking delayed attacks.

  • Choose to block, warn, or allow users
  • Upload your logo and custom text to warning pages
  • Re-write emails in HTML and plain text messages
  • Re-write URLs within securely signed messages such as S/MINE or PGP
Read More

Business Continuity

When your email server experiences an outage, a power failure, or a disruption to a cloud-based service, Sophos Email provides the email continuity you need.

Spooling ensures no mail is ever lost
In the event of a disruption to your Microsoft or Google Cloud email service, the recipient’s emails are automatically queued with Sophos Email, then delivered once service is restored, with a retry period of five days.
Watch how it works

User access to 24/7 emergency inbox
In the event of third-party cloud email service provider outages, alerts are provided when mail can’t be delivered to a server/service. Email is then queued for delivery to ensure no email is lost, and read access to that queued email is provided from a 24/7 emergency inbox inside the end user portal.
Watch how it works

Read More


Get Started

Start a Free Trial

Try it Free

Online Demo

Try it Free

Get Pricing

Try it Free